-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Filter attr:matchingRule values reversed #23
Comments
I haven't looked into this yet, but in general a PCAP is always helpful as it allows quickly reproducing an issue without having to generate input (which itself can be error-prone). |
Hi Zeek, I can''t seem to attach pcap files through the web-interface. How shall I proceed? They are roughly 2k eachin size fo I can mail them or I can host them on my github? |
Hi @martinvanhensbergen, what issue are you seeing? If it is rejected because of the file type, try renaming the file extension to a supported type or alternatively compress it with zip which should be supported. If the issue is file size, maybe you can reduce the PCAP by removing frames not relevant to the problem? |
Lol, just as I was driving home an hour ago I thought: why didnt i just zip it and see if that works :-D and here you are suggesting the same. I think this will work indeed! |
@martinvanhensbergen, would we have your permission to incorporate these PCAPs into our test suite as part of this package (Zeek-flavored BSD-3 license, explicit call out of source in the developer documentation)? |
Yes, no problem! We created them in our lab and are free to use. Thanks! |
This should be fixed by the latest release of this plugin. Like #21 this was about the string representation of parsed constructs, and having multiple separate issues show up in this area probably shows that this part of the parser might hide other bugs as well; please feel free to file new issues @martinvanhensbergen. |
Thank you very much; we will probably do a testrun with this new version somewhere next week! |
Today I can confirm that we no longer see the aforementioned issues after upgrading the package and we didn't see any regression either. Thank you for such a short loop in fixing! |
Hi all,
In some instances, for example in case 14.4 https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html/administration_guide/examples-of-common-ldapsearches, we see that:
departmentNumber:2.16.840.1.113730.3.3.2.46.1:=>= N4709
is written in the logs as:
(2.16.840.1.113730.3.3.2.46.1:departmentNumber:=>=N4709).
Wireshark also correctly states departmentNumber:2.16.840.1.113730.3.3.2.46.1:=>= N4709 so I think it is not an issue with our pcap.
Should a PCAP be necessary for this we could try to isolate and scrub one.
Thanks!
The text was updated successfully, but these errors were encountered: